This Notice explains how we obtain, use, share, store, protect and disclose your personal information. The protection of personal information is a priority within FINWorks and is taken seriously.

FINWorks will maintain the confidentiality of your personal information and comply with legislation like the Protection of Personal Information Act 4 of 2013 (POPIA) when processing your personal information.

We provide technology services to our customers and this notice also elaborates on Personal Information that our customers could collect from their clients using our services.

Type of Personal Information Collected of our Customers

We collect and process your personal information mainly to contact you for the purposes of understanding your requirements, and delivering services to you accordingly.  Personal information collected by FINWorks can include your Business name, Registration number, Postal address, Physical address, VAT number, Website address, Business phone number, Contact person title, Contact person name, Contact person surname, Contact person position, Contract person email address, Contact person business telephone number, Contact person cell number, Contact person birthday. We may collect additional information that you submit when you contact our support or provide feedback to us.

We collect information directly from you where you provide us with your personal details, as well as from our support and documentation portals.  Where possible, we will inform you what information is required to provide to us and what information is optional.

Website usage information may be collected using “cookies” and similar technologies which allows us to collect standard internet visitor usage information. This information can include internet domain, browser, operating system, device, pages visited, date and time, etc.

We may also collect information from public available sources like your public website.

Type of Personal Information Collected by our Customers of their clients using our system and services.

Personal information collected by our customers using our services can include your name, contact details, birth date, identity number, employment details, bank account number, financial information, website usage information etc.

Our customers typically collect this information directly from their clients, through financial intermediaries or other third parties.

The personal information collected or held by our Customers may be used, stored, transferred, disclosed or shared for the following purposes:

  • Providing financial and intermediary services;
  • Providing discretionary financial services;
  • Processing applications for financial services delivery;
  • Processing complaints or claims;
  • Providing ongoing administration services for the duration of the contract;
  • Fulfilling a transaction on request of a client; or
  • If permission is given, our Customers may use your personal or other information to tell you about products and services.

For more details on how our Customers treat your personal information please refer to their privacy policies. FINWorks is not in control of how our Customers use your personal information outside of our services.

How we use your information

We will use your personal information only for the purposes for which it was collected to deliver services to you accordingly.

FINWorks may be obliged to disclose your personal information to the extent that it is required to do so by law, in connection with any legal proceedings or prospective legal proceedings, or for the purposes of protecting the interest of clients, for example fraud prevention or to give effect to an agreement.

Security of you Personal Information

We are legally obliged to provide adequate protection for the personal information we hold and to stop unauthorized access and use of personal information. We will, on an on-going basis, continue to review our security controls and related processes to ensure that your personal information remains secure.

Our security policies and procedures cover:

  • Physical server and machine security;
  • Network security;
  • Data and database security;
  • Access to personal information;
  • Secure communications;
  • Retention and disposal of information;
  • Acceptable usage of personal information;
  • Governance and regulatory issues;
  • Monitoring access and usage of private information;
  • Investigating and reacting to security incidents;
  • External audits and prevention.

When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that personal information that we remain responsible for, is kept secure.

We will ensure that anyone to whom we pass your personal information agrees to treat your information with the same level of protection as we are obliged to.

Social media

We make use of social media through our services and business processes. We record posts and other data that you may submit to us through these channels.

Some of these posts may be visible to the general public for comment and we are not responsible for any information posted on these channels or social media platforms that are not submitted by us. We do not endorse these channels or social media platforms as such, or any information posted on them by third parties or other users.

These channels and social media platforms may collect personal information from their users that are outside of our control. Please refer to the privacy policies of these channels and social media platforms on how they handle any of your personal infomration.

Your Rights

You have the right to request a copy of the personal information we hold about you.

You have the right to ask us to update, correct or delete your personal information.

To do this, simply contact us at the contact details provided on our website and specify what information you require.  We may need a copy of your ID document and other information to confirm your identity before providing details of your personal information.

You need to keep your personal information accurate.

To exercise your rights, you can contact our Information Officer at

If you don’t get sufficient response from us or have a complaint in regards to the manner we handle your personal information, you may contact the South African Regulator at or see

Changes to our privacy notice
We may update this Notice from time to time. Please refer to our website for an up to date version.